I agree with you here ... I advise against passwords, and instead use easy to remember pass-PHRASES ... Then take, arbitrarily, the first, or the second letter of each word in the phrase, and include punctuation marks/characters somewhere in the string, while substituting the standard letter/number swaps like 0 for O, 1 for I, 3 for E, etc ... As the resulting passphase is almost certainly guaranteed NOT to be solved for in a dictionary attack.
"My First Dog's Name Was Fido For Remote Access" could be the string "MfdnwF4ra!" Erik Goldoff IT Consultant Systems, Networks, & Security -----Original Message----- From: Charlie Kaiser [mailto:charl...@golden-eagle.org] Sent: Wednesday, July 01, 2009 2:44 PM To: NT System Admin Issues Subject: RE: Terminal Services question Of course, Passw0rd! Is a strong password by MS standards, too. Take a guess how long THAT one will take to crack... :-) I don't think strong passwords are enough... Better, but not enough... *********************** Charlie Kaiser charl...@golden-eagle.org Kingman, AZ *********************** > -----Original Message----- > From: Carl Houseman [mailto:c.house...@gmail.com] > Sent: Wednesday, July 01, 2009 11:38 AM > To: NT System Admin Issues > Subject: RE: Terminal Services question > Your idea allows the entire world to test the password strength of > user's AD accounts. Google "tsgrinder". If you have strong user > passwords enforced, then it's not so bad. > > Carl ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
